ppt-visual
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process untrusted data (user-provided slide content) to generate design specifications. This could potentially be exploited if a user provides content containing hidden instructions designed to manipulate the agent's output or the parameters of associated tools.
- Ingestion points: Untrusted data enters the context through user-provided 'Slide content (text, bullet points)' as described in the 'How to Use Me' section of SKILL.md.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the user-provided content.
- Capability inventory: The skill is linked to the 'office-mcp' server, which provides tools with file-writing capabilities such as 'create_pptx' and 'md_to_pptx'.
- Sanitization: There is no evidence of input validation, escaping, or sanitization of the user-provided content before it is processed.
Audit Metadata